Re: commit: ldap/servers/slapd entry.c

[Pierangelo Masarati <ando@sys-net.it>]

Michael Ströder wrote:
> Pierangelo Masarati wrote:
>> Hallvard B Furuseth wrote:
>>> ando@OpenLDAP.org writes:
>>>>       Tag: OPENLDAP_REL_ENG_2_3
>>>> 	entry.c  1.129.2.13 -> 1.129.2.14
>>>> import fix to ITS#5071
>>> This (/* require ';binary' when appropriate (ITS#5071) */) is a
>>> functionality change which can prevent people from upgrading.
>>> I don't think that belongs so late in RE23's life cycle.
>> You can't load a certificate without ';binary' using ldapadd/ldapmodify;
>> this fix makes slapadd consistent with LDAP operations, so I don't think
>> it's going to break things that much.
> 
> I also think it's good to have this fixed in RE23.

On a related note: I've noticed that even deleting ALL certificates of
an entry using ldapmodify requires

dn: cn=anyone
changetype: modify
delete: userCertificate;binary
-

In fact,

dn: cn=anyone
changetype: modify
delete: userCertificate
-

fails even if there's nothing to transport and thus the ';binary' is
useless...

p.



Ing. Pierangelo Masarati
OpenLDAP Core Team

SysNet s.r.l.
via Dossi, 8 - 27100 Pavia - ITALIA
http://www.sys-net.it
---------------------------------------
Office:  +39 02 23998309
Mobile:  +39 333 4963172
Email:   pierangelo.masarati@sys-net.it
---------------------------------------